Description
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to insecure inter-deployment communication. An attacker that is able to comprimise or spoof traffic between hosts may be able to execute arbitrary commands. IBM X-Force D: 192538.
CVSS breakdown
CVSS 3.0
Confidentiality
High
Privileges Required
None
Attack Vector
Adjacent
Attack Complexity
High
User Interaction
None
Integrity
High
Scope
Unchanged
Availability
High
RC
Changed
E
Unchanged
RL
O
Affected products
- ibm / QRadar SIEM7.3 – 7.3
- ibm / QRadar SIEM7.4 – 7.4